WhatsApp fixes bug without rewarding the researcher.
The issue was considered, not a bug by Facebook (was not Meta when reported) and called the attack ‘theoretical’.
Skype had the exact same bug registered under CVE-2019-0622.
● The researcher (Asim K) shared evidences including the video and comments from now Meta team and we have verified it to be a valid security issue. We have blurred the video and masked the voice for privacy reasons.
In the video; researcher shows a locked phone receiving a WhatsApp call and the attacker (having physical access to locked phone) can get on to the contacts by UI interaction.